Source: Ars Technica Security RSS

Sep 16, 2016

Enlarge (credit: Ildar Sagdejev)
In August 2011, multiple servers used to maintain and distribute the Linux operating system kernel were infected with malware that gave an unknown intruder almost unfettered access. Earlier this week, the five-year-old breach investigation got its first big break when federal prosecutors unsealed an indictment accusing a South Florida computer programmer of c...

Source: Ars Technica Security RSS

Sep 16, 2016

(credit: Marc Falardeau)
Another major site breach from four years ago has resurfaced. Today, LeakedSource revealed that it had received a copy of a February 2012 dump of the user database of Rambler.ru, a Russian search, news, and e-mail portal site that closely mirrors the functionality of Yahoo. The dump included usernames, passwords, and ICQ instant messaging accounts for over 98 million...

Source: Ars Technica Security RSS

Sep 16, 2016

Enlarge / The US Navy Bombe used during World War II to break Germany's Enigma encryption system. (credit: National Security Agency)
When you're an applied cryptographer, teaching your preteen daughters what you do for a living isn't easy. That's why Justin Troutman developed PocketBlock, a visual, gamified curriculum that makes cryptographic engineering fun.
In its current form, PocketBlock...

Source: Ars Technica Security RSS

Sep 16, 2016

OPM officials did nearly everything wrong as far as security goes and then lied about it, House Oversight Committee Republicans said in a final report on the OPM breach. (credit: Photo illustration by Sean Gallagher, based on image by Colin)
A report from the Republican majority on the House Oversight and Government Reform Committee published today places blame for the 2014 and 2015 data bre...

Source: Ars Technica Security RSS

Sep 16, 2016

Enlarge (credit: NBCUniversal) Warning: This piece contains minor spoilers for the most recent episode of Mr. Robot (S2E9)
Time and time again, Mr. Robot has proven to be a show that prides itself on extreme attention to detail. Whether it involves hiring ex-FBI employees as consultants or tracking down the duo behind the Full House theme, the series wants to ground its high-stakes sto...

Source: Ars Technica Security RSS

Sep 16, 2016

Enlarge
Snatching the login credentials of a locked computer just got easier and faster, thanks to a technique that requires only $50 worth of hardware and takes less than 30 seconds to carry out.
Rob Fuller, a principal security engineer at R5 Industries, said the hack works reliably on Windows devices and has also succeeded on OS X, although he's working with others to determine if it's j...

Source: Ars Technica Security RSS

Sep 16, 2016

(credit: cia.gov)
Federal authorities have arrested two men on charges they were part of a group that broke into the private e-mail accounts of high-ranking US government officials and a Justice Department computer system.
Andrew Otto Boggs, 22, of North Wilkesboro, North Carolina, and Justin Gray Liverman, 24, of Morehead City, North Carolina, were part of a group calling itself "Crackas wi...

Source: Ars Technica Security RSS

Sep 16, 2016

(credit: Ron Amadeo)
It was a bad week for millions of Android phone users. Two critical vulnerabilities were disclosed but remain unpatched in a large percentage of devices, while, separately, malicious apps were downloaded as many as 2.5 million times from Google's official Play Marketplace.
The vulnerabilities, which are similar in severity to the Stagefright family of bugs disclosed last...